Hi [[ session.user.profile.firstName ]]

Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments

Over the last seven years, the technologies used by call and contact centers to communicate with customers and complete card transactions have changed drastically. Networking methodologies like VoIP have since become widely adopted, while the number of applications organizations employ to process customer information has risen dramatically. For this reason, the PCI SSC recently released their highly anticipated updated “Guidance for Protecting Telephone-Based Card Payments” for the first time since 2011, offering several much-needed clarifications for organizations looking to achieve PCI DSS compliance inside their contact centers.

Join Semafone and Sec-1 Ltd. for this insightful webinar into the most pertinent changes, featuring two of the members of the PCI SSC’s Special Interest Group – Ben Rafferty, Chief Innovation Officer at Semafone, and Wayne Murphy, Senior Security Consultant at Sec-1 Ltd. We’ll cover the following:

• How to avoid scope-creep inside the contact center during PCI DSS compliance
• How Pause and Resume call recording solutions create more problems than they solve
• How most 3rd party services are now in scope for PCI DSS compliance
• How devices that control SIP Redirection are now also in scope
Recorded Mar 14 2019 46 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Wayne Murphy, Senior Security Consultant (QSA), Sec-1 Ltd.; Ben Rafferty, Chief Innovation Officer, Semafone
Presentation preview: Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • The Omnichannel Contact Center: Implementing a Frictionless Payment Experience Recorded: Sep 27 2019 61 mins
    Cheryl Helm, Helm Communications; Pinar Apay, Worldpay; Mahendra Penumathsa, Unytalk
    Consumers these days are savvy. They’re also a bit impatient. Constantly connected and with the world in the palm of their hands through their smartphones, they’ve become accustomed to instantaneous feedback to any issue that arises, especially with the businesses they transact with. They use a variety of channels to communicate, whether it’s email, SMS, webchat, social media, or IM, among many others, seamlessly switching from one to the next, and they expect brands to have the same ability.

    For this reason, organizations must embrace a digital transformation and invest in omnichannel contact center solutions that allow them to communicate and collect payments via any digital channel to keep up with consumer demands. Learn from leading thought leaders in the industry in an exciting panel discussion how to do just that and more, including:

    - How to embrace an omnichannel communications and payments strategy in your contact center
    - Best practices for implementing a seamless customer experience between channels
    - How to overcome common challenges along the way

    Don’t wait – register now to reserve your spot!
  • California Consumer Privacy Act: How Contact Centers Can Lead Compliance Efforts Recorded: May 23 2019 42 mins
    Thomas Chisena, Associate, Foley & Lardner LLP, Aaron Lumnah, Senior Manager, Demand Generation, Semafone
    Contact centers are the beating heart of organizations, serving as the frontline for customer communications and processing mountains of consumer data. However, with the passing of the California Consumer Privacy Act, new scrutiny will be placed onto the data security procedures of organizations processing the data of California citizens, presenting difficulties, as well as opportunities, for contact centers.

    Is your contact center prepared to comply with the CCPA? In this webinar, Semafone will be joined by data privacy expert, Thomas Chisena from Foley & Lardner LLP, where we’ll lay out a blueprint for contact centers to lead their organization’s compliance efforts, based on best practices for existing privacy legislation such as the GDPR and PCI DSS.

    We’ll cover the following:

    •The main provisions in the CCPA, what they mean, and how they apply to your company
    •Proposed amendments to the legislation that you need to pay attention to
    •An action plan of data security best practices to help your contact center comply

    Presenters
    Thomas Chisena, Associate, Foley & Lardner LLP
    Thomas Chisena is an associate with Foley & Lardner LLP, where he advises on all matters involving intellectual property and technology transactions, including licensing, procurement, outsourcing, and other technology law issues affecting companies of all sizes. He also advises on cybersecurity and privacy issues affecting all industries, including state, federal, and international laws and regulations. Prior to joining Foley, Mr. Chisena was an associate at an AmLaw 100 Boston-based law firm, where he focused his practice in the areas of intellectual property litigation, technology, and cybersecurity.

    Aaron Lumnah, Senior Manager, Demand Generation

    Aaron is a member of the Semafone marketing team, where he regularly contributes to the Semafone blog and authors many types of content around payment security, PCI DSS, and GDPR compliance.
  • PCI DSS Compliant Payments: A Prescription to Secure Healthcare Contact Centers Recorded: Apr 2 2019 46 mins
    InstaMed and Semafone
    For any healthcare organization, the contact center is a major hub for patient communications, whether it’s processing a great deal of Protected Health Information or collecting payments for billing purposes. With healthcare organizations suffering the most data breaches of any industry, it’s never been more important to take the proper precautions to protect the contact center and prevent fraudsters from stealing this sensitive information.

    While there isn’t a cure-all solution just yet, there are a number of steps healthcare organizations can take to secure their contact center and cut down the risk of a data breach. Join Semafone and InstaMed for an insightful webinar where we’ll offer a prescription to cure the data breach epidemic and better protect healthcare contact centers. We’ll cover:

    - Common insider threats found within healthcare contact centers
    - Prevalent vulnerabilities unique to healthcare organizations
    - Innovative solutions to secure payments within your contact center

    Register now to reserve your space!
  • Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments Recorded: Mar 14 2019 46 mins
    Wayne Murphy, Senior Security Consultant (QSA), Sec-1 Ltd.; Ben Rafferty, Chief Innovation Officer, Semafone
    Over the last seven years, the technologies used by call and contact centers to communicate with customers and complete card transactions have changed drastically. Networking methodologies like VoIP have since become widely adopted, while the number of applications organizations employ to process customer information has risen dramatically. For this reason, the PCI SSC recently released their highly anticipated updated “Guidance for Protecting Telephone-Based Card Payments” for the first time since 2011, offering several much-needed clarifications for organizations looking to achieve PCI DSS compliance inside their contact centers.

    Join Semafone and Sec-1 Ltd. for this insightful webinar into the most pertinent changes, featuring two of the members of the PCI SSC’s Special Interest Group – Ben Rafferty, Chief Innovation Officer at Semafone, and Wayne Murphy, Senior Security Consultant at Sec-1 Ltd. We’ll cover the following:

    • How to avoid scope-creep inside the contact center during PCI DSS compliance
    • How Pause and Resume call recording solutions create more problems than they solve
    • How most 3rd party services are now in scope for PCI DSS compliance
    • How devices that control SIP Redirection are now also in scope
  • New PCI DSS Guidance: Highlighting the Deficiencies of Pause-and-Resume Recorded: Feb 28 2019 63 mins
    Simon Turner, BT; Ben Rafferty, Semafone
    With the recent release of the PCI SSC's updated guidelines for protecting telephone-based card payments, it has never been clearer that attaining PCI DSS compliance inside the contact center is a complex and onerous task for any organization. For the first time in seven years, the Council has clarified many previously misinterpreted controls required for in PCI DSS compliance, resulting in increased scope (and all its associated risks) for many contact centers

    One major clarification the guidance makes is targeting pause-and-resume call recording solutions and the potential for cardholder data to make its way onto recordings, thus breaching compliance.

    Join Semafone and BT for an insightful webinar where we’ll cover the following:

    - The deficiencies of Pause-and-Resume call recording solutions for PCI DSS compliance
    - The additional onerous controls QSAs will mandate for organizations using this technology
    - A better way to secure your contact center and keep cardholder data off call recordings

    Register now to reserve your space!
  • Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments Recorded: Jan 17 2019 47 mins
    Wayne Murphy, Sec-1 Ltd.; Ben Rafferty, Semafone
    Over the last seven years, the technologies used by call and contact centers to communicate with customers and complete card transactions have changed drastically. Networking methodologies like VoIP have since become widely adopted, while the number of applications organizations employ to process customer information has risen dramatically. For this reason, the PCI SSC recently released their highly anticipated updated “Guidance for Protecting Telephone-Based Card Payments” for the first time since 2011, offering several much-needed clarifications for organizations looking to achieve PCI DSS compliance inside their contact centers.

    Join Semafone and Sec-1 Ltd. for this insightful webinar into the most pertinent changes, featuring two of the members of the PCI SSC’s Special Interest Group – Ben Rafferty, Chief Innovation Officer at Semafone, and Wayne Murphy, Senior Security Consultant at Sec-1 Ltd. We’ll cover the following:

    • How to avoid scope-creep inside the contact center during PCI DSS compliance
    • How Pause and Resume call recording solutions create more problems than they solve
    • How most 3rd party services are now in scope for PCI DSS compliance
    • How devices that control SIP Redirection are now also in scope
  • Protecting Payments During the Holidays: Your Guide to Prevent Credit Card Fraud Recorded: Dec 12 2018 39 mins
    Cole Valadez, Integrations Manager, PayJunction; Aaron Lumnah, Semafone
    With the Holiday Shopping Season now upon us, consumers are opening their wallets in earnest, with some estimates putting spending at over $1 trillion in the US alone. Brands everywhere can expect to see a huge spike in sales, and along with it, an increase in payment fraud. Not only does the influx of transactions make it harder to detect fraudulent activity, but swarms of temporary seasonal workers can become insider threats that compromise an organization’s security procedures.

    Join Semafone and PayJunction for an insightful webinar where you’ll learn the following:

    - Why payment fraud spikes during the Holiday Season
    - Ways to train and properly vet seasonal workers to ensure security
    - How to implement technology solutions to help cut down on fraud rates during this holiday season

    Make sure to reserve your seat by registering now!
  • Curing the PCI DSS Headache for Contact Centers with Sutter Health and Genesys Recorded: Nov 8 2018 42 mins
    Alicia Gee, Dir., Unified Communications & Steve Chambers, GM,VP PAS, Sutter Health; Alan Watson, Head of Presales, Semafone
    Healthcare call and contact centers face some tough challenges when it comes to data security. In fact, healthcare data breaches are reported at a rate of more than one per day in the US alone, exposing patients’ personally identifiable information (PII)—from medical records to payment card data and beyond—to the wrong people.

    Earlier this year, IBM published their 2018 Cost of a Data Breach Report, which stated that, for the 8th year in a row, healthcare organizations had the highest costs associated with data breaches—$408 per lost or stolen record. That’s nearly three times higher than the cross-industry average of $148.

    These challenges are not unique to the healthcare sector. All call and contact centers face similar obstacles and need to consider if their Payment Card Industry Data Security Standard (PCI DSS) compliance strategy is sound.

    Join Genesys, Semafone and Sutter Physician Services (SPS) in this webinar to learn how SPS:

    • Overcame IVR frustration, improved customer service and reduced abandoned call rates
    • Increased customer data security—no need to verbalize card data
    • De-scoped for PCI DSS

    Reserve your space now.
  • GDPR Compliance for Contact Centers: Using PCI DSS as a Proven Framework Recorded: Sep 20 2018 47 mins
    Jay Trinckes, Principal Security Consultant for Risk Management & Governance, NCC; Aaron Lumnah, Semafone
    On May 25, 2018, the European Union's General Data Protection Regulation (GDPR) went into effect, becoming the world's strictest and most comprehensive data protection legislation. Companies around the world, regardless of whether they are physically located within EU borders, had to meet compliance requirements if they process the data of EU citizens, creating a huge headache for any organization running a call or contact center.

    For contact centers that have troves of sensitive customer information, GDPR compliance can easily become a massive undertaking. However, using preexisting tried-and-true frameworks like the PCI DSS, companies can relieve the burden of meeting compliance obligations.

    Join Semafone and NCC for this informative session, where you'll learn:
    - How to achieve GDPR compliance in your call or contact center
    - How to use existing data security frameworks like the PCI DSS to simplify compliance efforts
    - How to improve data security inside your contact center while enabling a more seamless customer experience

    Additionally, registrants will receive a free copy of Semafone's GDPR Guide for Contact Centers.

    Reserve your space now!

    About Jay Trinckes:

    John ‘Jay’ Trinckes, Jr., CISSP, CISM, CRISC, HITRUST CSF Practitioner leads NCC Group’s healthcare practice by assisting clients in managing their IT risk to ensure they are not subject to cyber-attack along with helping them validate their compliance with IT regulations such as HIPAA. Jay is the author of three books, “How Healthcare Data Privacy Is Almost Dead…and What Can Be Done to Revive It! (2017), "The Definitive Guide to Complying with the HIPAA/HITECH Privacy and Security Rules" (2012), and "The Executive MBA in Information Security" (2009), and has a wide range of experience in computer networks, vulnerability and penetration testing, security, compliance, and risk assessment.
  • Top 10 New Ways to Pay Recorded: Aug 9 2018 57 mins
    Kieran Hines, Ovum; David Scheidemantel, Semafone; Steve Kramer, ACI Worldwide
    In this session, we cover the newest payment methods organizations are using, and we'll discuss how executives plan the move to more secure and convenient ways to receive consumer payments. We'll also include exclusive research from Ovum!

    Key Takeaways:

    - Learn about the top ten new ways to pay
    - Steps executives are taking to increase security
    - New payment method that could reduce the number of PCI controls in your call center by up to 90%
  • It’s Not Just Your IT: Why People & Process Matter for PCI DSS Compliance Recorded: Mar 29 2018 48 mins
    David Scheidemantel, Solutions Consultant, Semafone
    PCI DSS compliance and data security is a perennial challenge for any organization, especially for those operating contact centers. With potentially hundreds of PCI controls to keep track of, it's easy for things to get lost in the mix.

    When tackling compliance and cybersecurity issues, it's a common mistake to only focus on the organization's IT infrastructure, and neglect to examine the people and underlying processes handling sensitive customer and payment card data.

    Join us in the webinar and you'll learn how to:
    - Take a more holistic approach to PCI DSS compliance inside the contact center
    - Understand the flow of information through your contact center & how people and processes touch payment card and sensitive customer data
    - Create an action plan to reduce risk and achieve PCI DSS compliance once & for all
  • How to Descope Your Entire Contact Center for PCI DSS Compliance Recorded: Mar 8 2018 6 mins
    Semafone
    Any company that takes payments over the phone must comply with the requirements of the Payment Card Industry Data Security Standards (PCI DSS), and all the costs and headaches that come with it.

    Learn about how to achieve PCI DSS compliance for your entire contact centre, and how to reduce the amount of applicable PCI DSS controls in your business infrastructure.
  • Improving Cybersecurity in the Contact Center: How to Prevent a Data Breach Recorded: Jan 3 2018 55 mins
    Andrew Henwood, CEO, Foregenix & David Scheidemantel, Solutions Consultant, Semafone
    Make no mistake—it isn't a question of if your company will be breached, but when.

    However, with such high rates of security incidents occurring, many organizations choose to put off implementing the right data security measures until it's too late.

    Watch this informative on-demand webinar featuring some of the leading experts in the IT and payments security spaces where we'll cover:

    - The various risk factors that threaten organizations—from both outside and within
    - What happens to companies after a data breach
    - How you can avoid a data breach of your own by complying with security frameworks like the PCI DSS

    Additionally, you'll learn how to increase customer service and satisfaction, while reducing the associated security costs.
  • PCI DSS for Contact Centers: Perils & Pitfalls of Pause & Resume Call Recording Recorded: Dec 12 2017 55 mins
    Daniel Doherty, Founder, Viziulo; Bill Franklin, QSA at Coalfire Systems; David Scheidemantel, Solutions Consultant, Semafone
    Companies today must navigate a minefield of compliance and regulatory challenges, especially in highly regulated industries where call recording in contact centers is standard, if not a mandated requirement. At the same time, standards like the PCI DSS uphold that no Sensitive Authentication Data (SAD) from payment cards may be recorded at any time, creating a conundrum for companies trying to maintain full call recordings.

    Although Pause & Resume call recording methods have become a widely used contact center practice, it does not necessarily deliver guaranteed or robust PCI DSS compliance. In fact, these solutions often cause more problems than they solve – and these flaws can result in systemic governance failures.

    Watch this informative webinar featuring some of the leading experts in the financial services and payments security spaces where we'll cover:

    - How to juggle multiple industry and payment security regulations
    - Why techniques like Pause & Resume call recording don't fully meet compliance standards
    - Alternative solutions to keep payment data completely out of the contact center

    Additionally, you'll learn how to increase customer service and satisfaction, while reducing reducing the associated costs of PCI DSS compliance.
  • PCI DSS Compliance & Your Call Center: The Do's and Don'ts of Scope Reduction Recorded: Nov 15 2017 60 mins
    Joe Meyer, Director of Risk Management Practices, NCC & David Scheidemantel, Solutions Consultant, Semafone
    With cyberattacks happening with greater frequency every year, and the average cost of a data breach at $4 million in 2016 according to the Ponemon Institute, it has never been more important to ensure your organization is following security best practices to prevent a breach of its own.

    View now for an informative webinar featuring some of the leading experts in the PCI compliance and call center payments spaces where we'll cover:

    - The main components of PCI DSS and how they affect the call center
    - Ways to reduce the time and cost of achieving PCI compliance
    - How to protect your organization against payment fraud and the associated reputational risk

    Additionally, you'll learn how to eliminate the need for customer cardholder data to be handled by your contact center agents or held in your contact center infrastructure, while improving customer service and satisfaction.
Securing Data, Protecting Reputations
Semafone enables simple, fast, cost-effective PCI DSS compliance and data security for your contact center.

Taking payments over the phone is essential for many organizations. Customers need to know they can trust you with their sensitive personal information.

Semafone's signature solution Cardprotect makes it easy to tackle payment and data security issues in the contact center – without compromising on customer experience.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Breaking Down the PCI SSC’s New Guidance for Protecting Telephone-Based Payments
  • Live at: Mar 14 2019 11:00 am
  • Presented by: Wayne Murphy, Senior Security Consultant (QSA), Sec-1 Ltd.; Ben Rafferty, Chief Innovation Officer, Semafone
  • From:
Your email has been sent.
or close